Forum Discussion

MVP

May 04, 2023

server SSL Profile setting

In the Server SSL profile we have under The Server Authentication section of the Server SSL profile ( server certificate ) and the default action is ignore, my question here is what is mean ignore,...

application delivery

security

AlanMoen

Cirrus

It means that the LTM client will not check the validity of the server cert, just that it's there. It won't break things if the cert expires, for example.

Amr_Ali

MVP

May 04, 2023

Do you mean her when the LTM acts as a client during the connection between it and the back-end web server, it accepts any certificate sent from the server even if expired

AlanMoen
Cirrus
May 04, 2023
Yes. I found this by accident when one of my AD teams let their server certs expire but the LTM kept chugging along. I'm kinda surprised it's the default setting and I've changed that in my environment for security reasons.
JRahm
Admin
May 05, 2023
AlanMoen is correct here, just adding the references for others to the Server SSL Profile details covered in knowledge article K14806.